[ISN] Can Iran Turn Off Your Lights?

http://www.defenseone.com/technology/2014/12/can-iran-turn-your-lights/100821/ By Patrick Tucker Defense One December 9, 2014 Online security company Cylance released a report last week showing that an Iranian cyber-espionage operation “Operation Cleaver” had successfully breached U.S. and foreign military, infrastructure and transportation targets. The report claimed to confirm widely-suspected Iranian hacks of the unclassified Navy Marine Core Intranet system, NMCI, in 2013. It describes (with explicitly naming) more than 50 targets around the world, including players in energy and transportation. But is the Iranian cyber threat overblown? The tactics detailed in the report show an escalation of Iranian hacking activity, which the report’s writers, in several instances, refer to as rapid. “We observed the technical capabilities of the Operation Cleaver team rapidly evolve faster than any previously observed Iranian effort. As Iran’s cyber warfare capabilities continue to morph the probability of an attack that could impact the physical world at a national or global level is rapidly increasing. Their capabilities have advanced beyond simple website defacements, Distributed Denial of Service (DDoS) attacks, and Hacking Exposed style techniques,” the report states. The Operation Cleaver team found vulnerabilities in the Search Query Language or SQL coding in various target systems and then used those SQL vulnerabilities to inject secret commands into back servers (a tactic called SQL injection). They were then able to upload new tools into the systems allowing for more data theft and access. The tools enabled the hackers to capture a wide number of administrator passwords (a technique known as credential dumping) and even log keystrokes on affected computers. […]